Intrusion Prevention

PHP.Voxel.Dot.Net.CBMS.Multiple.Code.Injection

Description

It indicates a Cross Site Scripting or SQL Injection Attack against Voxel.Net. Multiple Cross Site Scripting and SQL Injection vulnerabilities exist in Voxel.Net which could lead to unauthorized code execution and access to sensitive data.

Affected Products

Voxel Dot Net CBMS 0.7

Impact

Cross site scripting, SQL injection. Compromise of the affected system and information leakage.

Recommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.
http://www.voxel.net/projects/cbms/

CVE References

CVE-2002-0960 CVE-2002-0961